System and Method for Enabling Trusted Caller Identity and Spoofed Call Prevention

ABSTRACT

A system and method of verifying a caller identification utilizing a server that communicates with a computing device capable of monitoring communication networks for specific communications from an enterprise voice network. The server can push a spoof prevention contact list to user devices. Additionally, the server can receive notifications from the computing device in response to user inputs that allow match analysis to occur with the information in the received notifications. When a match is found, the server can send a notification to a user device to modify a contact name in the spoof prevention list stored in the user device. After a specified time, the contact name can be altered back to the original state. As an example, the contact name in the spoof prevention list may start out as “unverified call,” and be changed temporarily to “verified call” upon receipt of the notification.

BACKGROUND Technical Field

The present disclosure relates to a telecommunications system that enables trusted caller identification and spoofed call prevention. More particularly, and not by way of limitation, in one embodiment, a pre-call notification can be sent to a user device using an out-of-band communication means that causes the user device to display specifically defined language or images when a call is received from a previously identified calling number indicated in the pre-call notification.

Background

This background section is intended to provide a discussion of related aspects of the art that could be helpful to understanding the embodiments discussed in this disclosure. It is not intended that anything contained herein be an admission of what is or is not prior art, and accordingly, this section should be considered in that light.

No one trusts phone calls or text messages anymore. Millions of unwanted spoofed calls, spoofed text messages, and robocalls bombard users daily. Fraudsters use these calls to gather key pieces of identity information from unsuspecting users to conduct an account takeover or to deceive users into releasing money to the fraudsters.

Businesses and the contact centers that serve its customers have been severely impacted by this trend. Because of the complete lack of trust in phone calls, legitimate phone calls often go unanswered and end up in voicemail purgatory. In addition, these legitimate calls are often blocked without the knowledge of the customer or business, either by the telecom network, the settings of the mobile phone operating system, or a third-party call blocking application.

This can create frustrating situations, for example, when customers call a business for support, are told to expect a call back when it is their turn in line, and never receive it. Another problem occurs when a business needs to speak with a customer to address an urgent issue and cannot get in contact with the customer. This results in businesses frequently having to make multiple attempts to contact its customers, incurring additional operating costs, and customer frustration in the process.

It would be advantageous to have a system and method that overcomes the disadvantages of the prior art.

BRIEF SUMMARY

This summary provides a discussion of aspects of certain embodiments of the invention. It is not intended to limit the claimed invention or any of the terms in the claims. The summary provides some aspects but there are aspects and embodiments of the invention that are not discussed here.

The present disclosure is directed to a caller identification system utilizing a server or portal configured to communicate with a first computing device and execute a call acquisition function, or other means capable of monitoring one or more communication networks, for specific transfers of data or information. The first computing device can send a notification with identifying information regarding a trusted call to the portal/server when a call from a specific number is detected. The identifying information can be entered or sent to the portal/server from a CRM system for the calling enterprise or can be entered directly into the portal/server by a business enterprise representative. After receiving the identifying information for one or more trusted calls, the call acquisition function can monitor all calls from an entity or entities to look for calls that match the identifying information. Upon detecting a match, the call acquisition function or other monitoring system can trigger a notification to the first computing device or portal, which in turn can trigger a pre-call notification to the customer device that causes a name and/or other information associated with the caller's number to be stored or modified on the customer device.

Thus, in one aspect, the present disclosure is directed to a method for identifying an incoming call to a customer. A first notification with identifying information regarding a call to be made to a customer is received at a portal from either a customer relationship management program or directly from user input at the portal. Outgoing phone calls from an enterprise voice network can be monitored by a call acquisition function or other monitoring system. When a phone number included in the first notification is matched with a called phone number in an outgoing phone call, a second notification from the portal can be sent to the customer device that is being called. The second notification causes the customer device to display a caller identification notification that indicates the call can be trusted. A record associated with the calling number can be stored on the customer device by either storing the desired name for the enterprise or enterprise contact or by modifying an existing record associated with the enterprise to display the desired name. For example, a contact stored on the user device can be modified to change the contact name from unverified to verified or to add a specific image.

In another aspect, the present disclosure is directed to a computer-implemented method that allows for receiving a purpose for a communication to a customer either from a customer relationship management system or directly from a customer service representative at a portal or other computing device. After the purpose has been populated, a call can be initiated from the voice network by the customer service representative. A call acquisition function, or other monitoring system, can be used to monitor outgoing calls from the enterprise voice network. When an outgoing calling number matches a number on an enterprise spoof prevention list, the call acquisition function can trigger a notification to the portal. The enterprise spoof prevention list is the list of phone numbers that are used as calling numbers from the enterprise to contact customers. The portal, upon reception of the notification from the call acquisition function, triggers a pre-call notification about the pending arrival of a verified call to the app on the customer phone. The pre-call notification can include the purpose of the call and can also cause the purpose and a desired name or image to be displayed on the customer's phone when the call arrives. This can be accomplished, for example, by using the pre-call notification message to temporarily change the contact name associated with the calling number in the customer's phone from unverified call to verified call, or to add a specific image, for example. After the call is made, the contact name can be changed back to its original state.

BRIEF DESCRIPTION OF THE DRAWINGS

The novel features believed characteristic of the disclosure are set forth in the appended claims. The disclosure itself, however, as well as a preferred mode of use, further objectives, and advantages thereof, will be best understood by reference to the following detailed description of illustrative embodiments when read in conjunction with the accompanying drawings, wherein:

FIG. 1 is a flowchart of a method for caller identity verification in accordance with an embodiment of the disclosure.

FIG. 2 transaction flow diagram for the method described with reference to FIG. 1 in accordance with an embodiment of the disclosure.

FIG. 3 is a flowchart of a method of caller identity verification in accordance with an embodiment of the disclosure.

FIG. 4 is a transaction flow diagram for the method described with reference to FIG. 3 in accordance with an embodiment of the disclosure.

FIG. 5 is a block diagram of a solution architecture environment for caller ID verification using a mobile device in accordance with an embodiment of the disclosure.

FIG. 6 is a block diagram showing the initial interactions between a portal and a customer device in accordance with an embodiment of the disclosure.

FIG. 7 is a block diagram showing a pre-call notification communication between a customer device and a portal in accordance with an embodiment of the disclosure.

FIG. 8 is a block diagram showing an end-call notification communication between a portal and a customer device in accordance with an embodiment of the disclosure.

FIG. 9 is a block diagram showing a call from a scammer to a customer in accordance with an embodiment of the disclosure.

FIG. 10 is a network architecture diagram of a caller identity verification system in accordance with an embodiment of the disclosure.

FIG. 11 is a network architecture diagram of a caller identity verification system in accordance with an embodiment of the disclosure.

FIG. 12 is a transaction flow diagram for a method of use of the disclosed methods with alternative communication protocols in accordance with an embodiment of the disclosure.

DETAILED DESCRIPTION

Embodiments of the disclosure will now be described. One example of the present disclosure includes a user device receiving a spoof prevention list of phone numbers belonging to one or more enterprises, businesses, or stores. While enterprises, businesses, or stores are discussed within this disclosure, it would be understood that these could represent any calling entity desiring a method of enabling trust in a caller identification, whether said entity is currently in existence or becomes available later.

In at least one example, a spoof prevention list may be a contact list or other data set including contact information that is not blocked from making or completing calls to the user device. The spoof prevention list stores into the user device's local contacts at least one contact name with a predefined name such as “Unverified caller,” “Unverified call,” or similar name or image that would indicate to the user that a call has not been verified. Before making a call to the user, an enterprise or store representative may define the purpose of the call which is to be made by sending or assigning the verbiage to the user's phone number on a portal located within the enterprise's voice or network system. When the call is placed, a call acquisition function used to monitor outgoing calls can detect the call made from a pre-defined enterprise number, triggering a message to the portal. Alternatively, a message can be sent to the portal directly by the store representative or a CRM system at the time the call is placed.

The portal can conduct an analysis of the call or call information by matching a calling number on a spoof prevention list to a call that has been placed from an enterprise calling number to the user's phone number associated with a user device. If a match is found, the portal can send a pre-call notification, or in some examples a call initiation notification, to the user device indicating the purpose of the impending call previously stored at the portal. The notification may include verbiage that was assigned by the enterprise or store representative, or selected text or data from a predefined notification list. The user device, upon receiving the pre-call notification or other change signal, changes the contact name information for the calling number to “verified call” or other similar alternative, and stores the purpose of the call in the contact information associated with the calling number. Some alternatives to the “verified call” language may include language such as “certified call,” or other language that would indicate to the user that the call has been verified and can be trusted.

In at least one example, the purpose of the call may be displayed prior to the call being received allowing a user to expect a call from the enterprise or store. When the call arrives at the user device, the user can be notified using “verified call” as the caller identification text or other alternative text or image that has been stored with the contact information. Some alternatives to the “verified call” language may include language such as “certified call,” or other language that would indicate to the user that the call has been verified and can be trusted. Additional text indicating the purpose for the call or other information relevant to the call can be provided as well. At some pre-determined point after the call arrives at the user device, the contact name stored on the user device can be changed back to “Unverified call” either after the call has been connected, after it has ended, or after it has been declined. Thus, the system or method allows users to recognize legitimate calls as verified and spoofed calls as unverified so that the user can make a more informed decision about whether to answer the call. Using a contact name stored on the user device to identify an incoming call is more secure than relying on caller ID to identify the call. This is because the user must grant permission before changes can be made to contact names stored on the user device, but no permission grant is required to change the caller id information transmitted to the user device with the call when a spoofed call is made.

Based on the challenges described, the present disclosure provides a system that enables trust in enterprise outbound calls to customers and improves the overall customer call answer rate. In one example, this improvement in the customer call answer rate can be achieved for enterprise calls by sending a notification or alert containing text regarding the purpose of the call to the customer prior to initiation of a call from the enterprise and notifying the customer at call arrival that it is a verified call. For spoofed calls to the customer, for which the caller is pretending to be the enterprise, the customer is warned that the call is an unverified call, allowing the customer to take appropriate action.

In at least one example, an enterprise application or app installed on the user's phone receives a list of phone numbers, in some examples a spoof prevention list or contact list, from which the enterprise is capable of initiating calls. Each phone number or contact in this list is added to the contacts of the user device and the contact name is set to “Unverified call” or other similar text, name, or image that would suggest to a user that the call is not coming from a known enterprise phone number. With the contact name in this state, when a call arrives, the calling number of the enterprise, which is now present in a contact list on the user device, is displayed as “Unverified call” on the customer's screen or caller id, prompting the customer to dismiss, ignore, or be skeptical when answering the call. This usually happens when an incoming caller is spoofing the caller identity of the enterprise.

In at least one example, when the enterprise intends to make a phone call to the customer, a pre-call notification or alert can be sent by the portal or a server to the user device. The pre-call notification or alert may indicate the purpose of the call and the name of the customer service representative who will be making the call. The pre-call notification or alert causes the user device to modify the contact name language and/or image associated with the calling number to indicate to the user that the call is legitimate. The changed language may also include the purpose of the call. Therefore, when the call arrives from the enterprise, “verified call from enterprise” and/or “purpose of the call” or similar verbiage can be presented to the customer, thus enhancing trust that the incoming call is likely a valid call. In addition to the text, or verbiage, a logo or an icon may be presented to further aid in establishing trust in the call.

A portal/server can receive the purpose or other verbiage regarding the call along with the called number information from a customer relationship management (CRM) program or other contact storage or management system prior to the enterprise making the call. In other examples, the purpose can also be directly sent, selected, assigned, or uploaded to the portal by a customer service representative. In some examples, an enterprise may have a predefined list of call purpose verbiage for a customer service representative to utilize.

In at least one embodiment, a call acquisition function (CAF) can be used to monitor all outgoing calls from the enterprise voice network. In some examples, the call acquisition function can be implemented in software capable of being executed by a computer or other computing device, which is configured within the call network to monitor one or more transmission services or methods such as cellular networks and voice over internet protocol (VoIP). The call acquisition function and subsequent pre-call notifications can be implemented in such a way that these communications occur outside the normal stream for a voice or data transmission. Out-of-band signaling can be utilized to accomplish the notification functions disclosed herein so that such signaling can be independent of the signaling path of the call.

When a call is placed by the customer service representative, the call acquisition function detects the call by matching the calling number to a spoof prevention list in real-time or near real-time operation. Upon detecting a calling number matching a number on the spoof prevention list, the call acquisition function can extract call-related information for the detected call and notify the portal. The portal can then determine if the called number matches one of the notifications received by the portal from the CRM system or customer service representative. The notification sent to the portal may include the calling number, the called number, the time of call, and/or other information about the call. If the call information is matched, then a pre-call notification may be sent to a user device to change the contact name and/or image associated with the calling number on the user device.

The call acquisition function may utilize many different features, programs, circuits, systems, or protocols to create a notification, and/or activate other features, programs, circuits, systems, or protocols. For example, the call acquisition function may have an Ethernet Interface Manager, a Transmission Control Protocol (TCP) Flow Manager, a Session Initiation Protocol (SIP) message decoder, a Spoof Prevention List (SPL), a SIP Modified Call State Machine, and/or a Portal Connection Manager.

An Ethernet Interface Manager can allow for the monitoring of communications through different style and/or protocol analysis. In at least one example, the monitoring may be done through passive means. For example, the call acquisition function can allow for call monitoring in a manner that does not prevent or change the transmission of a call. Communications links may be monitored for traffic between two or more points in a communication system and/or network. The TCP Flow Manager may collect packets and/or arrange packets based on other analysis, data, or information. For example, incoming TCP packets may be collected and/or arranged based on the ordered TCP flows before being processed. Management of the TCP flows can be performed through the discarding of TCP packets or packet sets that have missing or incomplete packets. In some examples, the TCP flow manager can detect and/or discard duplicate TCP packets. If the Session Initiation Protocol (SIP) payload can be determined, it may be extracted and/or forwarded for additional processing.

The SIP message decoder may decode SIP payload, extract, and/or save parameters of calls received and/or transmitted over a communications system or network. The SIP message decoder can utilize the SIP message header information, and in at least one example, can create data records that include calling phone number(s), called phone number(s), and/or call identifier(s). These data records can be compared to the spoof prevention list, or other information handled by the portal or server, to determine if further action needs to be taken. A spoof prevention list can be stored in memory or storage associated with the portal or server to allow for calling phone number(s) to be detected for analysis and/or notification purposes.

In some examples, the spoof prevention list is accessed and processed by the call acquisition function to monitor calls. The list may be updated from a configuration management system, by direct or central database of phone number(s) associated with a user, business, enterprise, client, or customer. The updated list may be pushed to user devices through the app or other communication protocols that allow for modifications to the contacts stored on a user device. In at least one example, a user will be required to give the app, or enterprise, permission to store, modify, and/or otherwise change, add, or delete contacts on the user device.

The system or method disclosed in this embodiment utilizes the ability of the user device to override any contact information provided by an incoming call or data transmission. For example, if a user has Contact A associated with an enterprise number stored as a contact in the user device, a spoofer who sends a caller ID having the enterprise number can still call the user and send spoofed caller ID information having the enterprise number, but the contact name associated with Contact A in the user device will override any name provided by the spoofer in the caller ID information. Thus, by utilizing an app on the user device to add a set of enterprise calling numbers and give each a contact name or title initially that indicates the caller is unverified, the user will be warned that a spoofed call is occurring.

SIP modified call state machine information may include a full call state machine, or portions of the state machine for triggering, detecting, and/or monitoring specific events. For example, a call-start, or call-end event based on originating calls that are on the spoof prevention list may allow for different actions to occur. Notifications may be created for detected, monitored, or triggered events and forwarded to the Portal Connection Manager. The Portal Connection Manager can dynamically create connections based on events, notifications, or detections from the SIP state machines. In at least one example, the Portal Connection Manager creates a connection between the call acquisition function and a portal for sending notifications or alerts to an end user or customer of an enterprise or business. Application program interface requests may be utilized to send or receive the notifications.

Upon receiving the notification or alert from the call acquisition function, the portal can trigger a pre-call notification to a user device. The pre-call notification or alert can contain verbiage indicating the purpose of the call along with the name and calling number of the customer service representative. The pre-call notification or alert may dynamically modify the contact name associated with the calling number to language such as “Verified call from Enterprise,” and/or “Purpose of the call,” or other similar text indicating a verified or certified call is incoming from an enterprise in real-time or near real-time on the user device. When the user's device receives the call, the phone will then display “Verified call from Enterprise,” or other language as desired. At some point after the call is received at the user device, the contact name on the user device can be changed back to the original “Unverified call” language associated with the calling number. Thus, if the user receives a spoofed call later, the caller will be identified as an “Unverified call” to alert the user that the call has not been verified.

There are several ways that the contact name on the user device can be changed back to the original “Unverified call” language. For example, a timer-based mechanism can be executed from or within the app, software, or by the user device. Alternatively, upon notification that a call has been ended or completed, or after a certain time period has elapsed, the portal can send a request to the user device to change the contact name back to “Unverified call” and/or remove the purpose message or verbiage stored with or in the contact on the user device, or otherwise associated with the user device.

In another embodiment, an enterprise application, app, or computer-executed program may be installed on a computing device of a remote worker from the enterprise or store. The enterprise app can schedule a call directly with the customer or user, or in some examples, allow for a call to be made directly from the enterprise app to a customer or user. The remote worker may trigger a scheduling request along with the purpose of the call to the portal from the app installed on his mobile phone, mobile computing device, or computing device. In some examples, if the remote worker is calling from his private landline or private mobile device, the number may be temporarily added to a spoof prevention list for the enterprise or store that can be sent or synced with a customer or user device. The number may be removed from the spoof prevention list after the remote worker has completed a call or when requested by the remote worker.

In some embodiments, the portal/server can trigger an update to all registered users or customers who are utilizing the app whenever there is a need to update or sync the spoof prevention list. The update can be used to add and/or remove numbers from the list. The point of removal of a number from the spoof prevention list could be, for example, that the number has been deactivated, the number has been assigned to another department or division of the enterprise, or the enterprise received a complete new list of phone numbers after changing its carrier.

The syncing of the spoof prevention list may occur in real-time, near real-time, or at scheduled times. In some examples, it may be desirable to require a caller to wait until after the spoof prevention list is updated before making a call from a number not previously on the list. The portal may in turn notify the customer or user about the call scheduling request. The scheduled call information sent to or saved on the portal can trigger a pre-call notification or alert (“Purpose of the call” and/or “Name of the Customer representative will Call from Calling number”) or similar information to a customer or user device, allowing for the pre-call notification or alert to be visible on the customer or user device for a predetermined duration prior to the scheduled call time.

In some examples, the pre-call notification or alert can dynamically modify a contact stored on the customer or user device with the calling number information and contact name information as “Unverified Call.” For example, in the case of a remote worker, a number may be added to a contact list on the user device as part of the pre-call notification or alert, or through other means of updating the contact information. A separate call arrival notification can be triggered at or just before the scheduled time of the call from the portal, instructing or telling a user or customer device to dynamically modify the appropriate contact name associated with the calling number to language such as “Verified call from Enterprise” and/or “Purpose of the call.” When the remote worker initiates the call, the customer receives it with a caller identification notification or indication such as “Verified call from Enterprise” and/or “Purpose of the call.” The remote worker's contact information is maintained for a scheduled time, after which it may be deleted or modified by the user or customer device. This can be accomplished using a call ended notification or alert from the portal or timer expiry at the app, on the user device, or from the portal as discussed above.

When a worker (customer service representative or other similar titled employee or individual) at the enterprise voice network wants to place an outgoing phone call to a customer or user mobile device with the enterprise app installed, the portal is populated with a purpose for the call that is either pushed or pulled from the enterprise's customer relationship management (CRM) system. Alternatively, the customer service representative from the enterprise voice network can directly enter the purpose of the call in the portal. When the customer service representative initiates the outgoing call to the customer phone, the passive monitoring element call acquisition function that monitors all the outgoing calls from the enterprise's voice network initiates a notification to the portal that an outgoing call is placed to a customer. The portal in turn initiates a pre-call notification to the customer or user mobile device about the arriving call from the enterprise. The pre-call notification can have information about the purpose of the call and the calling number of the call from which the call has been initiated.

The pre-call notification may also serve as a request to change the verbiage of the contact name that was downloaded from the spoof prevention list during the app registration or installation process. Upon reception of the pre-call notification or alert, the app in real-time or near real-time alters the verbiage to reflect “Verified call from Enterprise” or alternative language or image that indicates that the caller is an authorized or verified caller for the Automatic Number Identification (ANI) information present in the notification.

As the phone call arrives at the user or customer device, the app displays the “Verified call from Enterprise” text or similar language that reflects that the caller is certified or verified. The app on the customer or user device may send a security alert or notification to the portal when the call has been terminated or a predetermined time period has passed since the phone call was received. For example, a security notification or alert can be sent from the portal a few seconds after the call termination or after a predetermined time period to cause the verbiage of the contact name to be changed back to “Unverified Call” or similar language that would allow the customer or user to know that any subsequent call has not been verified.

A scammer attempting to spoof the enterprise or store phone number may not have the ability to cause the customer or user device to change the verbiage of the calling number from “Unverified Call” to “Verified call from Enterprise” as the stored contact information associated with the number on the user device will override the caller ID information sent by the scammer. The customer device may present the spoofed call as an unverified call giving the customer or user the choice to ignore, answer, or otherwise handle the incoming call as they please.

Certain language has been illustrated herein that could be used, for example, to identify that a call has been verified, that it has not been verified, or that the call has a particular purpose. The language used herein such as “Verified call from Enterprise,” “Unverified Call,” “Purpose of Call,” etc. can be customized or modified as desired. For example, the language “Verified call from ABC Company” could be used in the place of “Verified call from Enterprise” to indicate that the call is verified, and likewise, language such as “Update on your Order” could be substituted for the “Purpose of Call” language indicated above depending on the actual purpose of the call. It is expected that the nomenclature will be modified as needed to fit the particular situation with the goal of giving the customer the information needed to enable trust in a verified call and thereby allow the customer to make a more informed decision about whether to answer the call.

FIG. 1 is a flowchart of a method for caller identity verification in accordance with an embodiment of the disclosure. The method for caller identity verification may utilize the contact directory extensions along with an application or program executed from a computer readable medium on a customer or user device such as, but not limited to, a mobile computing device. The contact directory extensions may be a list of contacts or a list of contacts combined with other information or metadata to allow for identification or association of contacts with specific applications, users, devices, or other identifying information, that are not otherwise stored in the contacts associated with the user device. The contact directory extensions may be stored in storage on the user or customer device. Such information need not be stored in the user's normal contact directory. The call directory extensions may also be utilized along with the contacts stored or associated with the user device to allow for verified and unverified callers to be identified.

In at least one embodiment, the app on the user device can access the call directory extension of the user device to save a spoof prevention list. In the unlikely event that a number on the spoof prevention list is already stored in the user's contacts, it may be desirable to delete that contact information from the user's contacts prior to storage of the list. A user device may, when receiving a call, utilize the contacts on the user device first, and if not found, then the user device may check the call directory extensions next, and finally, if no contact information is found for the calling number, then and only then would the contact information provided by the network regarding the calling number be displayed.

An enterprise, store, or other business may utilize a portal to provide a list of calling numbers from the enterprise, store, or other business. In at least one example, the portal can also include a list of notifications, or allow for an employee of the enterprise, store or other business to create his or her own notification to notify the user or customer of the reason or purpose for the call prior to it being made. The portal may be configured with a set of default verbiage options. For example, a bank can configure one of the pre-configured notifications as “Account Clarifications.” In at least one embodiment, the portal may also be connected to a Customer Relationship Management (CRM) system, such as but not limited to Salesforce™ or Hub Spot™, that allows employees, such as customer service representatives (CSR), to upload the purpose of the call prior to making a call to a customer or user based on notes or other documentation saved to one or more of the systems in step 101. The portal may be configured to pull information from the customer relationship management system, or from other enterprise systems.

With the portal acquiring the purpose of the call prior to the call being placed to the customer user, it can allow for notifications or additional information about the user or customer to be reviewed by the employee. The additional information about a user or customer may include notes, billing information, additional contacts, contracts, or other customer or user information stored in other enterprise storage systems or CRM systems that may be pertinent to the purpose selected. For example, if a user has requested a call regarding a loan balance, the portal may receive information from the CRM system regarding the balance of the loan and any special programs that may be available to address any issues for the particular loan type. The loan balance may be included as part of the notification to the user device, and/or to a customer service representative along with the latest statement or a link to the latest statement. If a custom purpose is utilized, it may be populated from the CRM system which in turn can push it to the portal or allow for it to be pulled from the CRM by the portal. The linking with the CRM system can allow for additional customer or user engagement through notes, billing information, additional contacts, contracts, or other customer or user information stored as part of the CRM system or other enterprise system and can be provided to the customer service representative prior to, or during, the call as needed.

Once collected by the portal, the custom purpose may be associated with a particular customer. This association may be included as part of the customer service representative engagement with the CRM system or be performed by the portal when the called or to be called number is identified as a registered user device with the enterprise. Alternatively, the customer service representative can enter the custom purpose directly into the portal, and associate it with a registered user, prior to the call being placed. This completes the process of collecting the purpose for the call and/or providing information that may be utilized for a notification or alert before, near, or at the time a call is made to the customer or user device from the customer service representative. It would be understood that the portal or CRM system(s) may be software executed from a computer-readable medium or media on a computing device or mobile computing device.

In step 102, a call acquisition function (CAF) or other monitoring system can monitor outgoing calls from a customer service representative or voice network. The call acquisition function can generate a notification or alert to the portal telling when a call has been initiated to a number on the spoof prevention list. The notification can include information about the calling number and/or a called number. The portal can then perform an analysis upon receiving the notification from the call acquisition function or other monitoring system. When the calling phone number is matched during the analysis with a scheduled call uploaded at step 101, then a pre-call notification can be sent to the registered user device from the portal at step 103. The call acquisition function may be software, or a program executed on a server or virtual machine (VM) in a private and/or public cloud computer architecture design. In at least one embodiment, the call acquisition function can passively monitor outgoing call (SIP/SS7/SIGTRAN or other communication protocol) traffic in real-time or near real-time across the voice network or enterprise network.

In some examples, the call acquisition function may be downloaded or be installed with a list of phone numbers for a voice network or set of customer service representatives. In at least one example, the list of phone numbers may be a spoof prevention list, approved list, or verified list of the enterprise, store, or other business phone numbers. In other examples, the call acquisition function can generate a call record for each call occurring from the voice network or enterprise and provide that call record to the portal.

If the call acquisition function is utilized to perform any analysis of the calling or called phone numbers, a call record can be generated when the calling number matches with a phone number on the stored enterprise spoof prevention list. In at least one embodiment, the call record in real-time or near real-time may become the trigger for initiating a notification or alert to the portal that an outbound call is being made to a customer or user. The call acquisition function can be utilized with the portal as a software as a service, subscription, API, or called set of functions that may be operated on computing devices or servers at an enterprise or business location, or at an operator facility or location.

The notification or alert may contain data or information such as, but not limited to calling number, called number and/or timestamp. The call acquisition function can execute this process of monitoring thousands of calls in real-time or near real-time simultaneously, using multi-threaded processes, allowing the call acquisition function to perform filter functions that may generate the notifications or alerts to the portal. The call acquisition function may include specialized network processors to filter out unnecessary traffic and/or allow the capture of only session initiation protocol (SIP) traffic or other network traffic utilizing specific communication protocols. Similarly, the call acquisition function may also be utilized as a distributed function where it can be deployed both in the cloud and/or across different physical locations. The call acquisition function can receive a packet stream either from a network packet broker or a virtual packet broker. The call acquisition function may be utilized in a packet-based communication system. While discussed as a call acquisition function, other monitoring systems may be utilized, including, but not limited to, application program interfaces (API) to network equipment or services directly in the call network path. For example, an API based solution can be utilized in non-packet networks to allow the CRM to directly trigger a message indicating call initiation to the portal, or alternatively, the customer representative could trigger the call initiation notification directly from the portal.

In step 103, after receiving the notification or alert that a call has been initiated, the portal can initiate and/or send a pre-call notification or alert to a customer or user device. In at least one embodiment, the customer or user device can be a mobile computing device or a mobile phone capable of receiving text, short messaging services, or data. The portal can implement server or server-like functionality that may allow it to maintain a connection with a plurality of call acquisition functions that are physically distributed across various locations in the world. In at least one example, the portal may be implemented on a server or other computing device.

While illustrated as a pre-call notification, other methods of communication such as email, text, short messaging services, chat features, or other communication methods may also be utilized with this system. The disclosed methods can be utilized with multiple communication protocols to allow an enterprise to alert a user or customer that one of its representatives will be contacting the user through a specified communication means, and that it is a certified or verified communication. For an email-based system, for example, a separate email recipient associated with the verification system could be added to an important email by the sender such that when the email is sent, a portal or server receives the email with identifying information. The portal or server can then send an email initiation notification to the recipient's device triggering a notification on the recipient's device that the email has been verified.

In at least one embodiment, when a notification or alert (calling number, called number, Timestamp) from the call acquisition function is received at the portal, the portal can match the called number with the phone number associated with a customer, or user device. The portal may trigger a pre-call notification or alert with a custom purpose or other language or verbiage provided as a default purpose configured by the enterprise. One example of verbiage for the pre-call notification can be in the form “Call will be received from Enterprise calling number: ###-###-####”+“Purpose”).

In at least one example, the portal may utilize a token that has been acquired from the customer or user device as a part of the registration, download, or installation process. A token is often used to create an identification or verification that can then be utilized rather than any data or information that can be linked to a user or individual. In the example of a phone or communication system, the token may identify the device or communication link without providing any identifying information. The token may be utilized by the enterprise, store, or business to identify the customer or user, or their specific devices, while in other examples the token may be part of an authentication or multi-factor authentication protocol or system. The pre-call notification can be sent using this token to a customer or user device capable of connecting to networks supporting APNS/GCM/FCM or other similar protocols that in turn forward the notification or alert the user or customer device and/or an application or app on said user or customer device. The pre-call notification may include a call arrival notification or contact identifying alert (“Verified call from Enterprise”) that the user or customer device may utilize to modify the contact identification information. The pre-call notification may also include the logo of the enterprise that establishes trust in the arriving phone call resulting in higher call-answer rate.

In step 104, the customer device receives the pre-call notification and modifies the contact name to a name indicating the contact is verified and optionally including the purpose of the call. Step 104, in at least one embodiment, allows for the app or application executed or running on a user or customer device to display a pre-call notification or alert to a user or customer to give the customer a heads up that the call is coming. The app can be an application or software stored and/or executed from storage on the user or customer device. In at least one example, the application can be from Sevis, with availability from the Apple® App Store or Google® Play or other similar software stores or downloadable locations.

In other examples, the functionality of the app can be integrated into the app of the enterprise or store. In any of these versions, when the user or customer device receives a pre-call notification through a communication or packet enabled network, the user or computing device can forward the notification or alert to the app for further processing or executions. Upon reception of the pre-call notification, the app may execute or initiate programs or protocols that allow for the message to be displayed on the user or customer device, and/or include information about the impending arriving call from the enterprise or store contact or voice network. During the installation and/or registration process, the app may download an enterprise or store contact list with phone numbers that an enterprise contact can originate a call from. The enterprise or store contact list can be stored in the contact list of the user device, or in the app and/or contact directory extension of the user or customer device. It would be understood that contact directory extension may be associated with a particular device or type of device, but could include functionality such as calling number, name, and/or contact notes or details to be displayed regarding a communication to the user device even without any of the information being stored in the contact list of the user device.

In at least one example, the enterprise or store contact list contains two parameters—the business or store name, and phone number. Typically, an enterprise will have more than one number that can be saved, but all the contact name(s) for the phone numbers are initially stored with language such as “Unverified Call.” When a pre-call notification or alert arrives from the portal, the app matches the calling number from the pre-call notification with the business or store contact list stored in the app, user device contact list, and/or contact directory extension and accordingly modifies the contact name from “Unverified call” to “Verified call from Enterprise” or other language as may be desired to let the user know that the call has been verified.

In step 105, an enterprise or store contact (in at least one example, an employee or contractor of the enterprise or store) may initiate an outbound call to a customer or user device. Upon call arrival via one or more communication networks, the enterprise or store contact is displayed as “Verified call” and/or “Purpose of the call” or similar language based on the information in the pre-call notification or alert to the app and/or user or customer device. It would be understood that the pre-call notification or alert may occur seconds, or minutes before a call occurs. However, in cases where it is desired to give the customer pre-notification, this time could be a specific number of minutes before the phone call is to occur to allow a user or customer time to see the notification or alert prior to the call. Additional information could be provided to the user such as banking information, statements, manuals, or other documents. For example, if a user has requested a call regarding a loan balance, the portal may receive information from the CRM system regarding the balance of the loan and any special programs that may be available to address any issues for the particular loan type. The loan balance may be included as part of the notification to the user device, and/or to a customer service representative along with the latest statement or a link to the latest statement.

Manipulation of the contact name based on the received pre-call notification may include changing the contact name, identification, identification tags, notes, details, or other information or data stored with the contacts on the user or customer device or otherwise associated with the user device. The pre-call notification can have information about the impending call arrival and/or verbiage to be displayed to the user as part of the contact information and/or purpose of the call when it arrives. When the call arrives, the user or customer device, or the application can match the calling number with a number stored as part of the enterprise or store contact list and accordingly display the information as modified or previously stored in connection with the pre-call notification or alert. When the call arrives, the app and/or customer or user device may also display a logo or other images associated with the business, enterprise, or store to improve the trust factor with the customer.

In step 106, a timer or timer operation controlled either by the portal on a business computer or server or by the app running on a user or customer device may cause a security notification or alert that the call has ended or will be ending. In this manner, the user or customer device can be prompted to change the contact name or identifying information back to “Unverified caller” or similar language for the phone number stored in the business, enterprise, or store contact list.

In an example of the portal, a timer or timer operation may be preset for a specified time based on either the pre-call notification or the notification from the call acquisition function. At the expiration of the timer or timer operation, a post-call notification or alert may be triggered and/or sent to the customer or user device, like the pre-call notification or alert was sent. The post-call notification or alert may cause the user or customer device, or application, to perform a modification of a contact stored within the user or customer device, the contact extension directory, or within the application. The modification may include modifying the contact name, identification, tags, details, notes, or other information. For example, the contact name may be changed from “Verified caller” to “Unverified caller,” or similar language, with the information regarding the purpose of the call, if any, being removed or deleted.

In an example, where the timer or timer operation is performed by the app or a user or customer device, at the expiration of the timer or timer operation, a post-call operation or process may be triggered and/or executed. The post-call operation or process may cause the user or customer device, or application to perform a modification of a contact stored within the application contact extension directory of the user or customer device or the application. The modification may include modifying the contact name, identification, tags, details, notes, or other information. For example, the contact name may be changed from “Verified caller” to “Unverified caller,” with the information regarding the purpose of the call, if any, being removed or deleted.

In at least one example, the timer or timer operation(s), allow for the verbiage and/or contact name associated with the call that has recently been received or completed to be changed back to its previous state to indicate that any later communications from that number are unverified. As discussed in relation with step 105, the call arrival information may be displayed as “Verified call from Enterprise.” Once the message is displayed, the app or the portal can start an internal timer, or timer operation, and at the expiry of the timer, the contact name information can be altered from “Verified call from Enterprise” to “Unverified Call.” The portal can also start a timer or timer operation the moment it has sent a pre-call notification or alert. Upon expiry of the timer at the portal, the portal can send an end call or post-call notification or alert to change the verbiage of the contact name at the app or user or customer device from “Verified call from Enterprise” to “Unverified Call,” or similar language. The purpose of this step is to change the verbiage at or near the time of the call to avoid spoofed calls from being labeled as verified calls. After the verbiage has been altered to “Unverified Calls,” and assuming no pre-call notification is received from the portal, any call that is trying to spoof any of the enterprise contact list numbers at the user or customer device would result in “Unverified call” being displayed. It would be understood that the post-call notification, in at least one embodiment, may be sent before or after the call has been terminated or ended by the enterprise or store contact, or the user or customer.

FIG. 2 is a transaction flow diagram for the method described above with reference to FIG. 1 in accordance with an embodiment of the disclosure. In operation, the portal and/or computing device executing or running the portal receives the purpose of the call from the customer relationship management (CRM) system prior to the call being made along with the called number information of the call. The call purpose can be directly uploaded to the portal by the customer service representative or can be loaded into the CRM system.

For example, a customer may call regarding a product issue, prompting the creation of a ticket or case within the CRM system. The case is then assigned to a customer service representative to work the case from an enterprise voice network. The call acquisition function (CAF) can monitor the outgoing calls from the enterprise voice network, and if a calling phone number matches with a number on the enterprise contact list (customer service representative calling numbers), the CAF may send a notification in real-time or near real-time to the portal. In some examples, the call acquisition function may send a call record to the portal, which analyzes the call record for a match. The portal may then send a pre-call notification if there is a match of the calling number to a number included on the spoof prevention list. A pre-call notification may include information or data such as, but not limited to, “Purpose of the call” and/or “Name of the Customer rep calling from Calling number.”

In this case, the purpose of the call, including pre-call notifications, can be pulled or pushed from the CRM system to the portal. The purpose can be included so that the customer knows to expect someone to call regarding an issue at the enterprise, which in some cases may have been initiated by the customer. The pre-call notification or alert can be triggered from the portal to the app or customer device when the portal receives the notification from the call acquisition function. This pre-call notification can cause dynamic modification of the appropriate contact name or information associated with the calling number to “Verified call from Enterprise”+“Purpose of the call” in real-time or near real-time on the user or customer device. It would be understood that the application on the user or customer device may execute or initiate the dynamic modification of the appropriate contact based on data or information received over one or more communication networks. A timer-based mechanism executed or running through the app, the customer device, or by a notification or alert from the portal, can trigger the modification or alteration of the verbiage in the contact name back to “Unverified call” during or after the call is completed to prevent spoofed calls from being labeled as verified.

In at least one example, the portal can send the pre-call notification based on a configured time interval, such as, but not limited to, one to five minutes prior to the scheduled call. Other time intervals can be used, however, depending on the application and needs of the system. The pre-call notification can include the purpose of the call, the enterprise employee name, and/or phone number that the customer would receive a call from and may include other relevant information like the department, etc., as desired. The pre-call notification may trigger a dynamic modification of a contact on the customer device based on the following information (ANI X, “Unverified call”). The Automatic Number Identification (ANI) information allows for the identification of a phone number that is calling to the receiving device, and the default contact name allows for efficient processing on the user device. By using both the ANI and the contact name or other information, a user device can quickly establish which contact to change using various forms of filtering or identification.

In some examples, the class or type of calling device may be included as part of the information, or other data exchanged between a user device and the portal or server, allowing the enterprise or entity to know if the user has an Android, Apple, or other device. By knowing the device type, the enterprise will also know that communication means are available to communicate with the user. This includes communication options such as short messaging services, video communications, or other communication types that are device specific (one example being Apple FaceTime®). For example, if a user has an Apple® device, then the enterprise may utilize FaceTime® or other features of Apple® devices to communicate with that particular user via video conferencing.

The portal sends a call arrival notification at the scheduled time of the call or upon a notification from the call acquisition function or other monitoring service, which alters the contact name associated with the customer rep's phone number in the app to (“ANI X, “Verified Call from Enterprise”). When the call is terminated or after the expiry of the timer, a security notification can be sent from the portal to the customer's phone which causes the alteration of the contact information about the customer service representative back to “Unverified call,” or similar contact name.

FIG. 3 is a flowchart of a method of caller identity verification that includes a purpose of a call in accordance with an embodiment of the disclosure. The method of communication and/or operations can allow for a solution where an enterprise customer service representative is working remotely, such as during a pandemic or other work from home situations.

In step 301, a remote employee may utilize a personal or company device to communicate with a customer or user device through one or more communication networks and/or company-controlled devices or services for the purpose of scheduling a phone call with the customer or user. In the case of the remote worker, there may be no trigger of the pre-call notification from the call acquisition function as described in the previous flow as the call acquisition function may not be able to monitor employee personal devices or company devices located outside the enterprise's network. During the registration or installation of an app or application on the remote employee's device, the portal may upload, transmit, and/or download to the remote employee's device a list of customer contacts that the customer service representative can make. In some examples, the app may also include the ability for the remote employee to call from a number associated with the enterprise, store, or business.

In step 302, when a meeting, phone call, or other communication is scheduled between the user or customer and the remote employee, a pre-call or event notification or alert can be sent a pre-defined duration prior to the call from the portal to the user or customer device. In at least one embodiment, the pre-call notification or alert may include data, language, or notes that allow the user or customer device, or an application executed or running on the user or customer device, to display the purpose of the call, the enterprise or business making the call, and the customer service representative name. The pre-call notification may allow for additional operation or actions to occur at the portal or on the user or customer device. In at least one example, the app running on the remote employee's device may send a notification to the portal if a call is scheduled but the device is currently in use, allowing the portal to alert the customer that the customer representative may be delayed in calling.

After or during the scheduling of the call between the remote employee (customer service representative) and the customer, the scheduled call can be registered with the portal. Along with the registration, the remote employee can upload a purpose for the scheduled call and/or select from a predetermined set of call purposes. The call purpose may be directly sent or loaded into the portal or sent to the portal from a CRM system. Based on the information or data for the scheduled call, the portal may match the customer information and/or generate a pre-call notification (“Call will be received from Enterprise calling number” and/or “Purpose for the call”) to the app on the customer or user device. In at least one example, the exchange of information between the portal and the customer or user device can utilize token information established and/or exchanged during the app registration or installation on the user or customer device. In at least one embodiment, the pre-call notification can be sent via communication networks utilizing APNS/GCM/FCM or other packet-based communications or carrier systems, a specified number of minutes prior to the scheduled call from the portal. In some embodiments, the specified time can range between one and sixty minutes. However, to be sure the customer is ready for the call but does not forget about the call, it may be desirable to select a time between one and five minutes for the pre-call notification. When a pre-call notification or alert (“Call will be received from Enterprise calling number”+“Purpose of call”) or similar language arrives at the customer or user device, the app on the customer or user device may create or modify a contact name from “Unverified call” to “Enterprise calling number.” Optionally, upon receiving the pre-call notification or alert, the user device may display an interactive message that allows the user to propose a different time for a call, request no call, or request alternative means of communication such as text, email, video chat, etc. These are some examples. There are any number of options that could be made available to the user to promote efficient communication between the enterprise and the customer. In the event one or more of these options is selected by the user, the user device can send a signal back to the portal, to the enterprise CRM system, or directly to the customer representative as may be desired. Upon receipt of the user's selected preference related to the proposed call, the proposed call or communication means can be modified as needed. In some examples, where the remote employee cannot use an enterprise, store, or business phone number, the remote employee's phone number can be added to the enterprise, or store contact list on the customer or user device, but the number may be prevented from showing or displaying for the privacy of the remote employee.

In step 303, a call arrival notification may be sent to the user or customer device triggering and/or causing the app or user device to modify the contact information for the calling phone number to include “Call from Enterprise calling number” and/or “Purpose” or similar language to alert or display to the user or customer that the call is a legitimate or verified call. In at least one example, the app on the user or customer device can modify the contact information on the user device, in the application, or the contact directory extension. Based on the notification, the app on the customer or user device matches the enterprise calling number or information and changes the contact name from “Unverified call” to “Verified call from Enterprise” in the storage location.

In step 304, the application may execute and/or cause the user or customer device to display “Call from Enterprise calling number” and/or “Purpose” stored with the contact information when the incoming call arrives at the user device from the remote employee's phone number. In at least one example, within a few seconds after the call arrival notification or alert from the portal, the actual call from the enterprise arrives on the customer or user device. The calling number upon call arrival can be matched with the app contact directory extension and it accordingly displays “Verified call from enterprise”. The app on the customer or user device may also display a logo or other branding image at the time of the call arrival.

In step 305, the portal may initiate a timer or timer operation after the call arrival notification is sent to the user or customer device. At the expiration of the timer or timer operation, a security notification may be sent to the user or customer device to change the contact information for the phone number back to “Unverified Call” or other desired verbiage. In at least one embodiment, after the call arrival notification has been sent by the portal, the portal starts an internal timer to send the security notification. After the expiry of the timer at the portal, the portal sends the security notification or alert to prevent spoofed calls from being received as verified calls. Upon reception of the security notification or alert, the user or customer device may change the contact name or information associated with the enterprise calling number to “Unverified Call”. This will enable scammer calls to the customer to be recognized as “Unverified call” when they try to spoof the enterprise calling numbers.

FIG. 4 is a transaction flow diagram for the method described with reference to FIG. 3 in accordance with an embodiment of the disclosure. In operation, the portal and/or computing device executing or running the portal receives the purpose of the call directly from a customer service representative or the call purpose can be loaded into the CRM system and then shared with the portal. For example, a customer may be called with an issue regarding a product, which in turn creates a ticket or case within the CRM system that is assigned to a customer service representative who then acts on the case from an enterprise voice network. In some examples, the portal may send a notice that a call has been scheduled to a remote employee of the enterprise. If the customer service representative is a remote worker, an enterprise app can be installed on a customer service representative's device. The enterprise app may be capable of scheduling a call directly with the customer, registering the scheduled call information with the portal, and/or allowing the customer rep to upload a purpose for the scheduled call. This enterprise app can also maintain a secure connection with the portal to communicate the scheduled call information with the customer.

In some examples, the call acquisition function (CAF) can monitor the outgoing calls from the enterprise voice network, and if a calling phone number matches with a phone number on the spoof prevention list (customer service representative calling numbers) it may send a pre-call notification in real-time or near real-time to the portal. However, because a remote worker may be calling from a personal or enterprise device outside of the network or firewall of the voice network, the call acquisition function may not be able to detect the call. In these examples, the enterprise app utilized by the remote worker may send a notification to the portal when a call is about to occur. The portal can then send a pre-call notification to the user device. The pre-call notification may include information or data such as, but not limited to, “Purpose of the call” and/or “Name of the Customer rep calling from calling number.” The pre-call notification or alert can be triggered from the portal to the app or customer device when the portal receives the notification from the call acquisition function or enterprise app. This pre-call notification can cause dynamic modification of the appropriate contact name associated with the calling number to “Verified call from Enterprise” and/or “Purpose of the call” in real-time or near real-time on the user or customer device. It would be understood that the application on the user or customer device may execute or initiate the dynamic modification of the appropriate contact based on data or information received over one or more communication networks. A timer-based mechanism executed or running through the app and/or the customer device or by a notification or alert from the portal, can trigger the alteration of the verbiage in the contact name to “Unverified call” to prevent spoofed calls from being answered by the customer.

The portal in turn sends a pre-call notification a specified time, for example between one and five minutes, prior to the scheduled call with the purpose, the name of the customer service representative and/or phone number that the customer will be receiving the call from. In the event that the phone number of the customer service representative is not previously stored in the user's phone, the number can be added and stored as an “Unverified Call” similar to the way the enterprise phone numbers are stored. This can be accomplished during a normal sync or update of the spoof prevention list with the user's phone. The portal sends a call arrival notification at the scheduled time of the call which alters the contact name associated with the customer representative's phone number in the app or on the user device to (“ANI X, “Verified Call from Enterprise”). When the call is terminated or after the expiry of the timer, a security notification can be sent from the portal to the customer's phone or device that alters or deletes the contact information about the customer service representative. A deletion generally will only occur in this manner if the customer service representative is using a personal device.

FIG. 5 is a block diagram of a solution architecture environment for caller ID verification using a mobile device in accordance with an embodiment of the disclosure. The enterprise components of the system 501, 502, 504, 505, 506 can be placed behind an enterprise network firewall in a compact or distributed system. For example, in a distributed system the components could be referenced as the enterprise or business cloud. The APNS/GCM/FCM network 507 can be referenced as the public cloud or a set of communication networks or systems, capable of connection to one or more of the different customer mobile devices 508. Remote worker 503 may be a customer service representative or other employee of the enterprise, store, or business that is working remotely or from a company mobile device.

The contact center 502 can be owned by a business, enterprise, or store that is responsible for making outbound calls to users or customers as a part of customer engagement or to conduct its business. Direct or indirect communication network connection(s) can allow for communication between the contact center 502 and the SBC (Session Border Controller) 505. In at least one example, the indirect communication network connection(s) may be illustrated as a distributed network connection that can act as one or more carriers for the SIP traffic associated with the calls between the enterprise contact center 502 and customer mobile devices 508.

The call acquisition function (CAF) 504 may be deployed as a server/VM in the private/public cloud. The call acquisition function 504 can be a distributed function and/or capable of being deployed across multiple locations to monitor the signaling traffic (SIP/SIGTRAN/SS7) in real-time or near real-time. In some examples, the call acquisition function 504 generates call records for phone calls detected from the contact center 502 and sends the call records to the portal 506 for analysis. In other examples, the call acquisition function 504 can be populated with an enterprise contact list that includes the phone numbers that can be utilized as calling numbers for outgoing calls from the enterprise contact center 502. The portal 506 may push updates of the enterprise contact list to an enterprise app on a remote worker's device, the call acquisition function 504 or user devices 508 when updates are made to the enterprise contact list. The call acquisition function 504 allows for monitoring of the outgoing calls from the enterprise that match the calling number information stored with the enterprise contact list to initiate notifications from and/or to the portal 506. The notification may contain information about the call.

Customer relationship management system 501 can collect the purpose of the call prior to the call being placed to the enterprise customer or user. In some examples, the customer relationship management system 501 can allow for enterprise employees to share notes, details, or contact information for enterprise customers or users. The purpose of the phone call can be populated in the customer relationship management system 501 by the remote employee 503. The purpose of the phone call can be shared with the portal 506 that may be integrated with the customer relationship management system 501 through a direct or indirect connection where the customer relationship management system 501 can push information about the purpose of the call along with the called number or other customer information to the portal 506. In other examples, the portal 506 can poll for call purpose updates for different customers and pull the information from the customer relationship management system 501. The purpose of a specific customer call can also be directly populated in the portal 506 by the remote employee 503. It would be understood that the remote employee 503 may also be an in-house enterprise employee working at a physical location of the enterprise or at the enterprise contact center 502.

The portal 506, implemented on a computing device or server, where the computing device or server can be utilized in the enterprise (e.g., a bank) network/cloud system, architecture or structure that may be capable of hosting and/or performing several functions. The portal 506 can be capable of implementing the function of handling the registration and/or installation process of the apps installed, downloaded, or synced on customer mobile devices 508. In some examples, these functions may be performed using secure communication to maintain privacy. In at least one example, a token can be exchanged between the customer mobile devices 508 and the portal 506, rather than any personal information. The portal 506, upon accepting the registration and/or installation, may upload or download the enterprise contact list with the contact names as “Unverified calls” for the entire contact list of enterprise calling phone numbers.

In at least one embodiment, this list can be referenced as a spoof prevention list. The other functions the portal 506 may implement can include the reception of information from the customer relationship management system 501 about the purpose of the call for a particular customer prior to the call being made. The portal 506 may also implement the function, process, or execution of a software program for generating a push notification upon reception of a notification from the call acquisition function 504 about an outgoing call initiated from the enterprise. The portal 506 can match the calling number included as a part of the notification from the call acquisition function 504 with the customer information on the portal 506 or customer relationship management system 501 and send a push notification to the user device 508 with the purpose of the communication populated from the customer relationship management system 501 or the remote employee 503. The pre-call notification in at least one example can be sent to the customer using the token collected as a part of the app registration and/or installation over APNS/GCM/FCM 507 communication networks or systems.

The user devices 508 may include any kind of mobile devices or computing devices configured to receive phone calls, video calls, text messages, or other forms of communication protocols independent of the OS on these devices. The phone calls may be connected through telephone exchanges or over internet protocol. Nonlimiting examples of user devices 508 include a smartphone, a tablet computer, and a laptop computer. The user devices 508 shown in FIG. 5 are merely illustrative and other user devices such as smartwatches and desktop computers are within the scope of this disclosure. A user device 508 can have an enterprise app integrated with the functionality or an app from Sevis to enable the solution described in this disclosure.

FIG. 6 is a block diagram showing the initial interactions between a portal and a customer device in accordance with an embodiment of the disclosure. The portal 601 may be a computing device or server, capable of communicating via one or more communication networks. The portal 601 may allow for communications and/or interactions via the one or more communication networks, such as but not limited to registration and/or installation of an application, app, or computing device executed software on a customer or user device 602. In at least one embodiment, an enterprise contact list may be transferred to the user or customer device 602 along with information regarding said contact list, such as but not limited contact numbers and/or contact names 603.

In at least one example, the customer or user may download the app from an Apple® app store, Google® play or similar digital or internet-based download location, and the user or customer may install the app on the device 602. The app can communicate over one or more communication networks configured to utilize APNS/GCM/FCM or similar packet-based communication protocols. In at least one example, to transmit and/or communicate over the one or more communication networks, a token can be established and/or allocated for communication between the app or user device 602 and the portal 601.

The app may utilize a URL stored in the app or on the user or customer device 602 to send the registration information (Name, Phone number, and Token) to the portal 601. The portal 601 upon receiving the registration request can create a profile for the customer or user that may be stored in storage coupled to or accessible by the portal 601. The portal 601 transmits the spoof prevention list that includes a list of phone numbers comprising calling numbers for the outgoing calls to the customers from the enterprise voice network. When the list is uploaded to the app or customer device 602, the app or customer device 602 can store the spoof prevention list in the device contacts or as part of the contact directory extension with the contact names listed initially as “Unverified calls” 603 or other similar language. In at least one example, contact directory extension creates these contacts and stores their names 603.

FIG. 7 is a block diagram showing a pre-call notification communication between a customer device and a portal in accordance with an embodiment of the disclosure. In at least one embodiment, the portal 701 can trigger, transmit or have a process for sending a pre-call notification to an app on a customer or user device. The pre-call notification may then cause other processing, or actions to be taken on the customer device 702. When the pre-call notification arrives at the customer device 702, the customer device 702 can display a notification or alert about the impending or upcoming enterprise call arrival as shown in FIG. 7. The pre-call notification may initiate a search in the contacts or contact directory extensions 703 based on the enterprise calling number listed in the notification. It would be understood that these actions may be modified for different versions of software, operating systems, or customer devices. The app or customer device implementation may deploy different search algorithms to execute the search efficiently to minimize the time to find an exact match. Once the appropriate contact (illustrated as ANI B) is found in the customer device contact list 704, the contact name in the contact or contact directory extensions 703 associated with the enterprise calling number is changed to “Verified call from Enterprise” from “Unverified call”.

FIG. 8 is a block diagram showing an end-call notification communication between a portal and a customer device in accordance with an embodiment of the disclosure. In at least one embodiment, the portal 801 may trigger, transmit, or otherwise utilize processes for sending a security notification or alert to a user or customer device 802 or an application running on the customer device 802. After the pre-call notification (discussed in reference to FIG. 7) has been sent from the portal 801, an internal timer can be launched at the portal 801 to send a security notification. The timer or timer operation executed by the portal 801 can be configurable and applied to outgoing phone calls placed by an enterprise voice network for which a pre-call notification has been sent from the portal 801. Upon expiration of the timer or timer operation at the portal or computing device executing the portal 801, security notification or alert, directly or utilizing the token information from the customer profile on the portal (801) is sent to the customer device 802 to enable spoofing prevention. When the app running on the customer device 802 receives the security notification or alert, it can initiate a search in customer device 802 contacts or call directory extensions or similar contact storage as appropriate depending on the implementation. Once the appropriate contact (illustrated as ANI B) matching the enterprise calling number is found, the contact name is altered from “Verified call from enterprise” to “Unverified call” (803).

FIG. 9 is a block diagram showing a call from a scammer to a customer in accordance with an embodiment of the disclosure. In at least one example, the scammer device 901 may be any kind of communication device that scammer may use for phone number or caller identity spoofing. In some examples, the scammer device 901 may utilize multiple computing devices to spoof a phone number or caller identity (ID). The spoof prevention list (903) stored on the customer device 902 can be downloaded from the portal with all the contact names as “Unverified Call.” When the scammer makes a call to an enterprise customer, the customer device 902 matches the incoming phone number with a number on the spoof prevention list as ANI X (could be any of ANI A, B or C illustrated or any number of ANI utilized by the enterprise). When a spoofed phone number matches a phone number stored in the spoof prevention list stored as a contact or part of the call directory extension, the user device will display “Unverified call.” This warns the user of the spoofed call.

FIG. 10 is a network architecture diagram of a caller identity verification system in accordance with an embodiment of the disclosure. The caller identity verification system 1000 can allow for an enterprise voice network 1002 to provide communications to a user device 1004 over a telecommunications system. The communications 1006A and/or 1006B may come through a mobile carrier 1008 or data communications systems 1010, such as but not limited to fiber, cable, DSL, or other wired or wireless connection.

In at least one example, the mobile carrier 1008 may communicate with interexchange carrier 1012. The interexchange carrier 1012 may be one or more communication systems, such as but not limited to, cellular telephone carriers, long-distance telephone companies or systems. In another example, the interexchange carrier 1012 may be referred to as an IXC. The interexchange carrier 1012 may allow for a signal to be transported locally or over a long distance based on one or more wired or wireless network protocols. The interexchange carrier 1012 can receive communications, and/or telephone communications from the enterprise voice network 1002. The enterprise voice network 1002 may have a router, private branch exchange (PBX), signal converter or conditioner and/or other device, system, or mechanism 1014 that can allow for the transition of internal voice communication to external protocols.

The enterprise voice network 1002 can include a contact center 1016 that may allow for voice and/or data communication to internal locations. In some examples, the contact center 1016 can be a voice transmission or signal origination point. An employee of the enterprise may interact with a CRM system 1018 that can trigger alerts and/or notifications about employee activities. The contact center 1016 and the CRM system 1018 may interact through data, or non-voice communication networks or protocols, in at least one example. Voice signals may be sent through a voice signaling router 1020 that can, in at least one embodiment, generate call detail records (CDR) and/or provide call information to a call acquisition function (CAF) 1022. In at least one embodiment, the call acquisition function 1022 can monitor direct phone calls as they are transmitted between the voice signaling router 1020 and the router, private branch exchange (PBX), signal converter or conditioner and/or other device, system or mechanism 1014. The monitoring can be enhanced by the receipt of the CDR data and/or information. In some examples, the call acquisition function 1022 may be able to monitor the transmitted phone calls to gather the information included in the CDR.

The call acquisition function 1022 can detect from the call information, the calling phone numbers, or other indicators from the CDR, when a phone call matches information shared and/or sent to the portal 1024 from the CRM system 1018. The portal 1024 can receive call information such as caller, called number (call receiver), a purpose for the call, the calling entity, and/or other information or data about or concerning the call. For example, the portal 1024 may receive a call purpose from the CRM system 1018 indicating that enterprise employee Y will be calling a user X at a specified time regarding user X's bank account with enterprise Y and user X's loan balances. The portal 1024 may send a pre-call notification or alert 1026 to the user device 1004 indicating the purpose, the enterprise, and/or the employee name prior to the phone call. When the outgoing phone call from the enterprise is detected by the call acquisition function 1022, a notification can be sent to the portal 1024, which in turn sends the pre-call notification or alert 1026 to the user device 1004 to change the caller ID information 1028 by way of the contact list or call directory extension on the user device 1004 from an unverified caller to verified caller from enterprise X as discussed above.

In at least one embodiment, the caller ID information and/or data for each outgoing phone number of the enterprise voice network 1002 may be stored on the device 1004 when an app or other contact information or data is integrated with, interacts with, or is otherwise stored or activated on the user device 1004. It would be understood that firewall(s) 1030 may be utilized to protect data, information, connection, and/or networks from intrusive attacks attempting to access user or enterprise data or information without authorization.

FIG. 11 is a network architecture diagram of a caller identity verification system in accordance with an embodiment of the disclosure. The caller identity verification system 1100 can allow for a cloud contact center network 1102 to provide communications to a user device 1104. The communications 1106A and/or 1106B may come through a mobile carrier 1108 or data communications systems 1110, such as but not limited to fiber, cable, DSL, or other wired or wireless connection.

In at least one example, the mobile carrier 1108 may communicate with interexchange carrier 1112. The interexchange carrier 1112 may be one or more communication systems, such as but not limited to, cellular telephone carriers, long-distance telephone companies or systems, using either wired or wireless network protocols. In other examples, the interexchange carrier 1112 may be referred to as an IXC. The interexchange carrier 1112 may allow for a signal to be transported locally or over a long distance based on one or more wired or wireless network protocols. The interexchange carrier 1112 can receive communications, and/or telephone communications from the cloud contact center network 1102. The cloud contact center network 1102 may have a router, private branch exchange (PBX), a signal converter or conditioner, and/or other device, system, or mechanism 1114 that can allow for the transition of internal voice communication to external protocols.

The cloud contact center network 1102 can include a contact center 1116 that may allow for voice and/or data communication to internal or external locations. In some examples, the contact center 1116 can be a voice transmission or signal origination point. An employee of the enterprise may interact with a CRM system 1118 that can trigger alerts and/or notifications about employee activities to a portal 1124. The contact center 1116 and the CRM system 1118 may interact through data, or non-voice communication networks or protocols, in at least one example. Voice signals may be sent through a session border controller (SBC) 1120 that can, in at least one embodiment, generate call detail records (CDR) and/or provide call information to a call acquisition function (CAF) 1122 or other monitoring system. In at least one embodiment, the call acquisition function 1122 can monitor phone calls as they are transmitted between the session border controller (SBC) 1120 and the router, private branch exchange (PBX), a signal converter or conditioner and/or other device, system or mechanism 1114 in a manner that does not interfere with the call or require equipment to be in the signal path. The monitoring can be enhanced by the receipt of the call data records (CDR) and/or information. In some examples, the call acquisition function 1122 may be able to monitor the transmitted phone calls to gather the information included in the CDR.

The call acquisition function 1122 can detect from the call information, the calling phone numbers, or other indicators from the CDR when a phone call matches information stored in and/or sent to the portal 1124 from the CRM system 1118, and the portal 1124 can then send a notification to a user device 1104. The portal 1124 can receive call information such as caller, call destination (call receiver), a purpose for the call, the calling entity, and/or other information or data about or concerning the call. For example, the portal 1124 may receive a call purpose from the CRM system 1118 indicating that enterprise employee Y is going to be calling a user X at a specified time regarding user X's bank account with enterprise Y and user X's loan balances. The portal 1124 may send a pre-call notification or alert 1126 indicating the purpose, the enterprise, and the employee name prior to the phone call. When the outgoing phone call from the enterprise is detected by the call acquisition function 1122, a notification can be sent to the portal 1124 to determine if it matches the call information received from the CRM system 1118, and if a match occurs, a pre-call notification or alert can be sent from the portal 1124 to the user device 1004 to change the caller ID information 1128 by way of the stored contacts or call directory extension on the user device 1004 from an unverified caller to verified caller from enterprise X as discussed above. In at least one embodiment, the caller ID information and/or data for each outgoing phone number of the enterprise voice network 1102 may be stored on the device 1104 when an app or other contact information or data is integrated, interacts with, or is otherwise stored or activated on the user device 1104. It would be understood that firewall(s) 1130 may be utilized to protect data, information, connection, and/or networks from intrusive or exploitative attacks attempting to access user or enterprise data or information without authorization.

FIG. 12 is a transaction flow diagram for a method of use of the disclosed methods with alternative communication protocols in accordance with an embodiment of the disclosure. Utilizing the systems and/or methods discussed above with regard to FIGS. 1-11, an enterprise can utilize similar principals in connection with alternative communication protocols such as short messaging services or video conference call technology that may not rely on traditional or commonly used caller identification features. Accordingly, a user may have a user device that it registers with the enterprise, causing the user's information to be loaded into a customer relationship management system. Many enterprises use customer relationship management systems to send advertisements or marketing information via short messaging services. However, users are becoming wary of these communications as they can be spoofed and used in an attempt to access private information.

In a similar manner as discussed above with respect to calls, an enterprise can use a portal to connect with and/or register a user device. This can be facilitated by the installation of an enterprise application or app on the user device. In at least one example, a token may be exchanged between the user device and portal, and that token can be used for later communications. When the enterprise customer relationship management system needs to send advertisements, marketing information, or otherwise communicate through non-voice communication protocols, a message can be sent through the portal to the user device to alert the user that a communication will be coming. In at least one embodiment, the communication can be sent to the user device directly from the portal utilizing the token, without any pre-communication notification to the user device. This allows the user to see the communication is coming from a verified source and is not a spoofed message.

The present disclosure may include a computing device or a mobile computing device that can include any of an application-specific integrated circuit (ASIC), a microprocessor, a microcontroller, a digital signal processor (DSP), a field-programmable gate array (FPGA), or equivalent discrete or integrated logic circuitry. In some examples, the system may include multiple components, such as any combination of one or more microprocessors, one or more microcontrollers, one or more DSPs, one or more ASICs, or one or more FPGAs. It would also be understood that multiples of the circuits, processors, or controllers could be used in combination, in tandem, or multithreading. Additionally, it would be understood that a browser or program could be implemented on a computing device, a mobile device or mobile computing device, such as a phone, a mobile phone, a smartphone, a cell phone, a tablet, a laptop, a mobile computer, a personal digital assistant (“PDA”), a processor, a microprocessor, a microcontroller, or other devices or electronic systems capable of connecting to a user interface and/or display system. A mobile computing device or mobile device may also operate on or in the same manner as the computing device disclosed herein or be based on improvements thereof. The components of the present disclosure may include any discrete and/or integrated electronic circuit components that implement analog and/or digital circuits capable of producing the functions attributed to the modules herein. For example, the components may include analog circuits, e.g., amplification circuits, filtering circuits, and/or other signal conditioning circuits. The components may also include digital circuits, e.g., combinational or sequential logic circuits, memory devices, etc. Furthermore, the modules may comprise memory that may include computer-readable instructions that, when executed cause the modules to perform various functions attributed to the modules herein.

Memory may include any volatile, non-volatile, magnetic, or electrical media, such as a random access memory (RAM), dynamic random access memory (DRAM), static random access memory (SRAM), read-only memory (ROM), non-volatile RAM (NVRAM), electrically-erasable programmable ROM (EEPROM), flash memory, hard disks, or any other digital media. Additionally, there may also be a tangible non-transitory computer readable medium that contains machine instructions, such as, a (portable or internally installed) hard drive disc, a flash drive, a compact disc, a DVD, a zip drive, a floppy disc, optical medium, magnetic medium, or any other number of possible drives or discs, that are executed by the internal logic of a computing device. It would be understood that the tangible non-transitory computer readable medium could also be considered a form of memory or storage media.

Additionally, it would be understood that users or customers would be the end user of an application that would allow for identification of spoofed calls to the user's phone, mobile device, or other communication device. Phone calls could also be video calls such as Zoom®, FaceTime®, Google® Chat, Skype®, or other similar services. A business could be called an enterprise, or store, but could be any company that offers goods or services to the public or private individuals directly or indirectly, electronically or with physical locations.

While this disclosure has been particularly shown and described with reference to preferred embodiments, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention. The inventors expect skilled artisans to employ such variations as appropriate, and the inventors intend the invention to be practiced otherwise than as specifically described herein. Accordingly, this disclosure includes all modifications and equivalents of the subject matter recited in the claims appended hereto as permitted by applicable law. Moreover, any combination of the above-described elements in all possible variations thereof is encompassed by the disclosure unless otherwise indicated herein or otherwise clearly contradicted by context.

While various embodiments in accordance with the principles disclosed herein have been described above, the embodiments have been presented by way of example only, and not limitation. Thus, the breadth and scope of this disclosure should not be limited by any of the above-described exemplary embodiments but should be defined only in accordance with any claims and their equivalents issuing from this disclosure. Furthermore, the above advantages and features are provided in described embodiments but shall not limit the application of such issued claims to processes and structures accomplishing any of the above advantages.

Additionally, the section headings herein are provided for consistency with the suggestions under 37 C.F.R. 1.77 or otherwise to provide organizational cues. These headings shall not limit or characterize the invention(s) set out in any claims that may issue from this disclosure. Specifically, and by way of example, although the headings refer to a “Technical Field,” the claims should not be limited by the language chosen under this heading to describe the so-called field. Further, a description of a technology as background information is not to be construed as an admission that certain technology is prior art to any embodiment(s) in this disclosure. Neither is the “Brief Summary” to be considered as a characterization of the embodiment(s) set forth in issued claims. Furthermore, any reference in this disclosure to “invention” in the singular should not be used to argue that there is only a single point of novelty in this disclosure. Multiple embodiments may be set forth according to the limitations of the multiple claims issuing from this disclosure, and such claims accordingly define the embodiment(s), and their equivalents, that are protected thereby. In all instances, the scope of such claims shall be considered on their own merits in light of this disclosure but should not be constrained by the headings set forth herein. 

1. A call identification system for use with a telecommunications system comprising: a first computing device configured to receive an identification attribute regarding a call to be made by a calling system to a user device; wherein after receiving the identification attribute at the first computing device, the first computing device causes a call initiation notification to be sent to the user device, the call initiation notification containing instructions that, when executed by the user device, stores a desired label in a storage of the user device with a calling number of the call to be made by the calling system such that the desired label is shown on the user device when the call is received at the user device; and wherein after the call is made to the user device, the desired label in the storage of the user device is changed to a different label such that if a subsequent call is made to the user device while the different label is associated with the calling number, the user device displays the different label to indicate to the user that the call has not been verified as coming from an entity associated with the calling number.
 2. The call identification system of claim 1, further comprising a server that is configured to store and transmit a spoof prevention contact list to the storage of the user device prior to the call being made wherein the spoof prevention list comprises a plurality of phone numbers from which an enterprise desires to make a plurality of calls.
 3. The call identification system of claim 2 wherein the spoof prevention contact list comprises a plurality of labels associated with the plurality of phone numbers, the plurality of labels chosen such that when one of the plurality of labels is displayed in connection with a spoofed call, the one of the plurality of labels indicates that the spoofed call has not been verified by the system as originating with the enterprise.
 4. The call identification system of claim 2 further comprising a call monitoring system for monitoring a plurality of outgoing calls and comparing the plurality of outgoing calls with the plurality of phone numbers and upon receiving a match to the calling number, sending the call initiation notification to the user device.
 5. The call identification system of claim 4 wherein the call monitoring system comprises a call acquisition function capable of monitoring one or more communication networks for specific transfers of data.
 6. The call identification system of claim 5 wherein the call acquisition function sends the call initiation notification to the first computing device upon detecting the call in the one or more communication networks.
 7. The call identification system of claim 1 wherein the call initiation notification is triggered in the first computing device upon receipt of a call notification generated by the calling system when a call is initiated by a representative of the calling system.
 8. The call identification system of claim 1 wherein the call initiation notification contains instructions that cause the desired label to be stored in a call directory extension of the user device.
 9. A system for identifying an incoming call over a telecommunication system comprising: a first computing device configured to receive a first notification comprising identification information regarding a call to be made over the telecommunications system to a user device; wherein the first computing device is configured to send a second notification to the user device containing instructions that when executed by the user device changes an identification label for a phone number stored on the user device, wherein the phone number matches the calling number for the call; and wherein after the call is received at the user device, the identification label is changed to a different label to distinguish the calling number when a subsequent call is made to the user device using the calling number as a caller identification.
 10. The system of claim 9, wherein a spoof prevention contact list stored on the first computing device.
 11. The system of claim 9, wherein the first computing device is configured to transmit a spoof prevention contact list to the user device.
 12. The system of claim 11, wherein the spoof prevention contact list comprises a plurality of labels associated with a plurality of phone numbers.
 13. The system of claim 9, wherein the first computing device is configured to send a security notification to the user device a specified period after sending the second notification.
 14. The system of claim 9, wherein the user device is configured with a timer to change the identification label to the different label a specified period after the call is initiated.
 15. The system of claim 13, wherein the security notification causes the user device to change the identification label to the different label.
 16. The system of claim 15, wherein the different label indicates that the subsequent call has not been verified by the system.
 17. A message identification system for use with a telecommunications network comprising: a first computing device configured to receive identification information regarding a message to be sent to a user device; wherein after receiving the identification information at the first computing device, the first computing device causes a message initiation notification to be sent to the user device, the message initiation notification containing instructions that, when executed by the user device, stores a desired label in a storage of the user device with a sender identification, such that the desired label is shown on the user device when the message is received at the user device; and wherein after the message is received at the user device, the desired label in the storage of the user device is changed to a different label such that if a subsequent message is sent to the user device using the sender identification while the different label is associated with the sender identification, the user device displays the different label to indicate to the user that the message has not been verified as coming from an entity associated with the sender identification.
 18. The system of claim 17, wherein the message is a Short Messaging Services (SMS) message.
 19. The system of claim 17, wherein the first computing device is configured to transmit a spoof prevention contact list to the user device.
 20. The system of claim 19, wherein the spoof prevention list comprises a plurality of labels associated with a plurality of contacts, the plurality of labels chosen such that when a one of the plurality of labels is displayed in connection with a spoofed message purporting to be from one of the plurality of contacts, the one of the plurality of labels indicates that the spoofed message has not been verified by the system as originating from the one of the plurality of contacts.
 21. A call identification system for use in a communications network comprising: a server configured to communicate with a first computing device and execute a call acquisition function capable of monitoring one or more communication networks for specific transfers of data; wherein the server receives one or more notifications from the first computing device in response to user inputs; wherein the call acquisition function monitors for a match of at least one attribute from the one or more notifications with a transmission over the one or more communications networks; wherein, upon detecting the match, the call acquisition function triggers a call initiation notification to the server; wherein the call initiation notification triggers a pre-call notification to a customer device that causes the customer device to modify one or more data fields associated with a calling number saved on the customer device.
 22. The call identification system of claim 21, wherein the server is configured to store and transmit a spoof prevention contact list, the spoof prevention contact list comprising a plurality of enterprise phone numbers.
 23. The call identification system of claim 22, wherein the system causes a spoof prevention contact list to be stored on the customer device.
 24. A method for identifying an incoming call in a communications system comprising: receiving at a server in a voice network a first notification regarding an outgoing call to be made from the voice network; monitoring a plurality of outgoing phone calls from the voice network; matching a phone number associated with the first notification with a calling phone number in the plurality of outgoing phone calls; sending a second notification to a user device, wherein the user device is associated with a called number for the outgoing call; and wherein the second notification causes one or more attributes associated with the calling phone number stored on the user device to be modified such that the outgoing call is identified to a user of the user device as a trusted call when the outgoing call arrives at the user device.
 25. The method of claim 24, further comprising sending a spoof prevention contact list stored on the server to a first computing device, wherein the first computing device performs the monitoring step by comparing a plurality of numbers in the spoof prevention contact list with a plurality of calling numbers associated with the plurality of outgoing phone calls.
 26. The method of claim 25, wherein upon detecting a match during the matching step, sending a call initiation notification from the first computing device to the server to trigger the server to send the second notification.
 27. The method of claim 25 wherein upon detecting a match during the matching step, sending the second notification from the first computing device to the user device.
 28. The method of claim 25, further comprising sending the spoof prevention contact list to a user device for storage in a call directory extension of the user device.
 29. The method of claim 24, further comprising sending a security notification to the user device at the expiration of the timer.
 30. The method of claim 24 further comprising causing the one or more attributes associated with the calling phone number stored on the user device to be modified upon expiration of a timer.
 31. A computer-implemented method comprising: receiving a notification comprising verbiage regarding the purpose of a communication at a server; monitoring a first communication network with a monitoring system configured to send a first notice to the server when an outbound communication from the first communication network matches one or more data fields on a spoof prevention list; and sending a pre-call notification to a customer device.
 32. The computer-implemented method of claim 31, wherein the pre-call notification causes the customer device to modify a contact stored on the customer device upon receiving the pre-call notification.
 33. The computer-implemented method of claim 32, wherein when the outbound communication is received at the customer device, the customer device displays an identification of the outbound communication to the user based on the contact stored on the customer device.
 34. The computer-implemented method of claim 33 wherein the identification comprises the purpose of the communication. 